Friday, November 17, 2000

What is SSH?

Secure Shell is a very powerful tool. If you're completely unfamiliar with it, think of it in terms of "telnet". Secure Shell can provide you with a shell interface to your remote host that feels very much like a telnet connection, except... it's encrypted.

Telnet's major disadvantage has always been that passwords and all telnet traffic that goes over your telnet session travels across the wire in plain text. It's very insecure, but flexible.

Enter Secure Shell (SSH). Secure Shell is encrypted from the start. Your initial connection and any password authentication is completely encrypted using your choice of a variety of encryption schemes (Blowfish, 3DES, ...). Once connected, the commands to type to the remote shell are encrypted as well. This gives you the ability to manage your remote servers without the fear that your passwords are being sniffed and your server compromised.

Do I sound like a salesmen yet?

But wait... there's more! Within your SSH connection, you can tunnel TCP traffic and connect to remote services securely. It's called "port forwarding". When you make your SSH connection from your client machine to your server machine, you can forward ports from the client to ports on the server (or ports that the server "sees").